Resolved to Protect: DNS Firewall Uses Cymon.io To Secure All The Borders

DNS Firewall not only fortifies your cybersecurity perimeter, but extends its reach as well.

2 March, 2016

This week we announced the official launch of Cymon.io, the world's largest open threat intel sharing community. We’re equally excited to let you know about eSentire DNS Firewall™, a new product that taps into the power of Cymon and leverages the award-winning protection of the Active Threat Protection service. DNS Firewall is a major step forward in solving real cybersecurity challenges faced by small to mid-sized enterprise.

Most readers are probably aware of DNS filtering as a security device. As a reminder, name resolution is a critical step in just about every internet request, and malicious requests are no different. Most DNS requests present no danger and go about their business looking up domains and return numeric IP addresses. But the bad guys rely upon name resolution too. However, advance knowledge of bad IPs and domains (6+ million at last count) provides us with an opportunity to serve as a secure authority in the transaction that takes place between a device and a domain that it’s trying to connect to. By taking advantage of the first opportunity to intervene at this level, we can draw meaningful impact on an organization’s security posture. Some of this is already baked into our core service offering. With DNS Firewall, we’ve taken it right down to the DNS level to be even more effective.

DNS Firewall is an efficient way to prevent pre-infection traffic from the primary vectors we know about, which are humans and social activity. With DNS Firewall phishing URLs will be stopped before they can be reached while social feeds with unsafe URLs won’t connect. We also know that the vast majority of malware needs DNS resolution to contact command-and-control (CnC) and other accessory servers. Stopping this resolution dead in its tracks both protects the network and allows investigation to the endpoint reaching out. The second part is vital; a big motivation for us is that we not only stop traffic, but our 24x7 Security Operations Center (SOC) is alerted to every blocked request. Once alerted, the SOC applies active correlation to determine root cause. They then identify necessary actionable remediation steps to close the loop.

A key part of filtering traffic with DNS Firewall, is that DNS protection is provided instantly, with zero infrastructure. It’s as simple as pointing to our name servers to get effective, cloud-based protection for any branch office, server, POS system, or device on your network regardless of geographic location, or OS.

A layered approach for security is the absolute best plan for protecting the organization. By adding DNS, we’ve fortified your perimeter and extended its reach. As the threat landscape evolves, we’ll continue to deliver innovative products and services to provide organizations with unparalleled cybersecurity protection.

Look for more exciting news about DNS Firewall coming soon and in the meantime, you can learn more about the new service here.